How to Restrict Microsoft Graph API Chat Access to Only Chats Involving a Specific User (User1)?
Hi Community,
I’m working on a Teams integration using the Microsoft Graph API at the service principal (app-only) level. I’m using the following endpoint to read chat messages:
GET https://graph.microsoft.com/v1.0/chats/{chat-id}/messages
My Goal:
I want to restrict access so that the app can only read messages from chats involving a specific user (User1). For example:
- Chats between User1 and User2
- Chats between User1 and User3
- But not chats between User2 and User3
Current Concern:
Using Chat.Read.All gives access to all chats in the tenant, which I want to avoid due to security and privacy concerns.
My Questions:
Is there a way to restrict Graph API access to only chats where User1 is a participant?
Can this be achieved using Resource-Specific Consent (RSC) permissions?
Is there any better approach or best practice to meet this requirement securely?
Any help, documentation references, or examples would be much appreciated.
Thanks in advance!